MFA | "Don't ask again for 14 days" is grayed out

Copper Contributor

In our tenant, we have set the remember device setting to be 14 days for MFA. I have one specific user when she gets to the multi-factor page to enter SMS code, the "Don't ask again for 14 days" is grayed out. When I login with incognito window I get the same option but I am able to check mark the box. Is there another setting that would gray out that function for specific users? 






3 Replies

This may be related to Chrome holding on to cached cookies. Incognito mode does not use cookies. If the user has already accepted the option "Don't ask again", this may gray out the option. After the user authenticates, do they still have to provide MFA? Clearing the browser cookies should delete the cookies presenting the same option as Incognito mode.



Did you find an answer to your original question of how to disable the "don't ask me again" setting for specific users?
I've run into the same issue, except it is a specific page that has it grayed out for everyone. Not sure how that is possible. We aren't using Conditional Access.